VYPR
Unrated severity · NVD Advisory · Published Aug 20, 2019 · Updated Sep 17, 2024

CVE-2019-4310

Description

IBM Security Guardium Big Data Intelligence 4.0 (SonarG) uses an inadequate account lockout setting that could allow a remote attacker to brute force account credentials. IBM X-Force ID: 161036.

AI Insight

LLM-synthesized narrative grounded in this CVE's description and references.

IBM Security Guardium Big Data Intelligence 4.0 has an inadequate account lockout setting, allowing remote attackers to brute force account credentials.

Vulnerability

IBM Security Guardium Big Data Intelligence (SonarG) version 4.0 uses an inadequate account lockout setting that fails to limit the number of failed authentication attempts. This allows an attacker to repeatedly attempt login without being locked out. The vulnerability is present in the default configuration of the affected version.

Exploitation

An attacker with network access to the Guardium Big Data Intelligence service can perform a brute-force attack against user accounts. No authentication or user interaction is required. The attacker can systematically attempt passwords until the correct one is found, as the system does not enforce account lockout after a threshold of failed attempts.

Impact

Successful exploitation allows the attacker to gain access to a valid user account, potentially leading to the disclosure of sensitive information. According to the CVSS vector (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N), the impact is on confidentiality, which is rated High (C:H); integrity and availability are rated None (I:N, A:N).

Mitigation

IBM has published a security bulletin (reference [1]) addressing this vulnerability. The recommended mitigation is to apply the fix provided by IBM, which may involve upgrading to a patched version or adjusting account lockout settings. The exact fixed version or configuration details are not specified in the available references. Users should consult the IBM support page for the latest guidance.

AI Insight generated on May 26, 2026. Synthesized from this CVE's description and the cited reference URLs; citations are validated against the source bundle.

Affected products

2

Patches

0

No patches discovered yet.

References

2
